If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

EC-Council Certified Ethical Hacker

I'm a security professional in training. I'm currently working on my B.S in Computer Science with a focus in network security. I also currently possess a CCNA, and plan on obtaining the CCNP and CISSP/CCSP.

A while ago browsing around the net I stumbled across a security certification by EC-Council, the Certified Ethical Hacker (CEH). Out of curiosity, does anyone know/or have experience with whether or not this is an industry recognized professional certification or is it a lower profile certification such as Network+, A+, Security+, or is it a total joke to industry professionals?

Wow, what are the odds of this being posted right before I posted my comments about being the newest AO CEH? That's very strange.

Anyway, I went to InfoSec Institutes CEH training and I thought it was a very solid course with a very good instructor. I have seen some fairly negative things about EC Councils coursework though, which is what lead me InfoSec as they make their own courseware and labs.

I think the only real problem I see with CEH right now is industry buy in. There are way too many people teaching this course and they all do it differently. Some of them really suck, at least from what I can gather from talking to other people, and some of them really excel. If the EC Council can get this under countrol I think that this will be a great certification.

If you have specific questions then either ask them here or send them to me in PM. I'll answer what I can.

Give a man a match and he will be warm for a while, light him on fire and he will be warm for the rest of his life.

It seems from reading over certain sites pertaining to the course that the knowledge can be very useful to a security professional, especially in the field of forensics and penetration testing.

I was curious because this is the first I've seen of this certification, and it seems to be a rather less well known cert from what I've run into.

Hopefully as you said EC Council will help it progress into a mature certification.

Overall, it seems as if you would recommend the course from InfoSec as well as the certification, correct? Has it added to your knowledge of networking, scripting, and security practices in the industry?

Absolutely I would recommend the InfoSec course, and even the CEH cert. It isn't an end-all-be-all cert, but I think it shows that you have a good baseline of security knowledge.

It did add to my knowledge of scripting (to a degree) and security practices, like getting a scope of a pen test in countrol, and some of the switches for software that I was already familiar with. We also covered some off course stuff, like Optix Pro... and didn't cover some course stuff like Ettercap, but that was ok as I only saw one question about Ettercap on the test and it was easy enough to figure out.

I think the thing that helped the most, even though the course material was good, was the instructor. He has been doing IT Security stuff for a very long time, and has consulted with a number of three letter agencies about breakins and security issues. He knew the material well, presented it even better and then covered stuff that was real world application of the material we learned.

FWIW I have been doing IT Sec work for 7+ years now, and I learned a bunch from this course. I also learned that I don't know nearly as much as I thought which is always a sobering experience.

Give a man a match and he will be warm for a while, light him on fire and he will be warm for the rest of his life.

Very cool...I will definately look into this as I progress in my security career.

I have noticed it is hard to find decent training when it comes to certifications. Either the course material sucks, or the instructors suck, or both. Its also much better when the instructor has actual industry experience and you can work with them one-on-one.